CVE-2025-4833

A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 and classified as critical. This issue affects some unknown processing of the file /boafrm/formNtp of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow...

CVE-2025-4834

A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been classified as critical. Affected is an unknown function of the file /boafrm/formSetLg of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow...

CVE-2025-4999

A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000 and classified as critical. Affected by this issue is the function sub4153FC of the file /cgi-bin/sysconf.cgi of the component HTTP POST Request Handler. The manipulation of the argument supplicantrndiden leads to...

CVE-2025-4998

Summary: CVE-2025-4998 affects H3C Magic R200G (versions up to 100R002). The issue resides in the HTTP POST Request Handler, specifically the /goform/aspForm component, where manipulating the parameter param in functions such as Edit_BasicSSID, Edit_BasicSSID_5G, SetAPWifiorLedInfoById, SetMobile...

CVE-2025-4997

CVE-2025-4997 affects H3C R2+ProG up to version 200R004. The HTTP POST Request Handler’s /goform/aspForm, specifically UpdateWanParams/AddMacList/EditMacList/AddWlanMacList/EditMacList/Edit_BasicSSID/Edit_GuestSSIDFor2P4G/Edit_BasicSSID_5G/SetAPInfoById, handles the param argument insecurely, lea...

PT-2025-22308 · H3C · H3C Magic R200

Name of the Vulnerable Software and Affected Versions: H3C Magic R200G versions up to 100R002 Description: A vulnerability has been found in the HTTP POST Request Handler component, specifically affecting the function Edit BasicSSID, Edit BasicSSID 5G, SetAPWifiorLedInfoById, SetMobileAPInfoById,...

PT-2025-22296 · H3C · H3C R2+Prog

Name of the Vulnerable Software and Affected Versions: H3C R2+ProG versions up to 200R004 Description: A problematic issue was found in the HTTP POST Request Handler component, specifically in the function UpdateWanParams/AddMacList/EditMacList/AddWlanMacList/EditWlanMacList/Edit BasicSSID/Edit...

CVE-2025-4831

A vulnerability, which was classified as critical, was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part of the file /boafrm/formSiteSurveyProfile of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer...

CVE-2025-4830

A vulnerability, which was classified as critical, has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. Affected by this issue is some unknown functionality of the file /boafrm/formSysCmd of the component HTTP POST Request Handler. The manipulation of the argument submit-url...

CVE-2025-4826

A vulnerability, which was classified as critical, has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This issue affects some unknown processing of the file /boafrm/formWirelessTbl of the component HTTP POST Request Handler. The manipulation of the argument submit-url lead...

CVE-2025-4897

CVE-2025-4897 affects Tenda A15 routers (versions 15.13.07.09–15.13.07.13). The issue resides in the HTTP POST Request Handler for the endpoint at /goform/multimodalAdd, where improper handling leads to a buffer overflow. This could allow remote, unauthenticated attackers to execute arbitrary cod...

CVE-2025-4729

A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formMapDelDevice of the component HTTP POST Request Handler. The manipulation of the argument macstr lead...

CVE-2025-4731

A vulnerability classified as critical has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument servicetype/ipsubnet leads to buffer overflow. It is...

PT-2025-21865 · Tenda · Tenda Ac15

Name of the Vulnerable Software and Affected Versions: Tenda A15 versions 15.13.07.09 through 15.13.07.13 Description: A critical issue affects an unknown part of the file /goform/multimodalAdd of the component HTTP POST Request Handler, leading to buffer overflow. The manipulation can be initiat...

CVE-2025-4834

A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been classified as critical. Affected is an unknown function of the file /boafrm/formSetLg of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow...

CVE-2025-4833

A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 and classified as critical. This issue affects some unknown processing of the file /boafrm/formNtp of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow...

CVE-2025-4833 TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formNtp buffer overflow

A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 and classified as critical. This issue affects some unknown processing of the file /boafrm/formNtp of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow...

CVE-2025-4832 TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formDosCfg buffer overflow

A vulnerability has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formDosCfg of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer...

CVE-2025-4832

The CVE-2025-4832 issue affects TOTOLINK A702R, A3002R, and A3002RU (version 3.0.0-B20230809.1615). The vulnerability is in the /boafrm/formDosCfg HTTP POST Request Handler, where tampering with the submit-url argument causes a buffer overflow. Impact is remote code execution-like risk with high ...

CVE-2025-4830

A vulnerability, which was classified as critical, has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. Affected by this issue is some unknown functionality of the file /boafrm/formSysCmd of the component HTTP POST Request Handler. The manipulation of the argument submit-url...